The Increasing Threat of Email-Based Cyber Attacks
Email is a primary avenue for cyber-attacks and fraud, accounting for 90-95% of security breaches. While email-based threats may not always seem overtly dangerous, they demand our attention and vigilance.
The latest security issue with the desktop version of New Outlook complicates the process of distinguishing valid links from malicious ones. This problem is exacerbated by the rise of Session Token Hijacking, where hackers can gain access to your account without needing your password or multifactor authentication—simply by getting you to click on a malicious link. This makes it more crucial than ever to verify links before clicking on them.
As we strive to educate and equip businesses and non-profits against cyber-crime, we emphasize the importance of using the SLAM Method to scrutinize emails and determine whether they are phishing attempts or legitimate communications.
Introducing the SLAM Method
The SLAM Method is a straightforward approach to email security that involves examining the following four components:
1. Sender
Always verify the sender's email address. Scammers often use look-alike email addresses or spoof legitimate ones to deceive recipients. If an email seems suspicious, take a moment to investigate the sender's authenticity.
2. Links
Avoid clicking on links unless you are confident the email is legitimate. Links can appear as images, buttons, or hyperlinked words, making them easy to overlook. Hover over links to reveal their destination URLs. However, a current issue with the new version of Outlook complicates this step
Important Outlook Issue
In the latest Outlook version, hovering over links does not display the true URL, making it difficult to verify the link's safety. Microsoft has yet to provide a timeline for fixing this problem. Meanwhile, you can use alternative methods to check links:
- Use the Web Version: Log into the web version of Outlook, which still displays the true URL when you hover over a link.
- Copy and Paste: Right-click on the link, copy it, and paste it into a word document to see the full URL.
3. Attachments
Do not open attachments from unknown senders. Even if you recognize the sender, verify with them directly (e.g., via phone call) before opening any attachments. Hackers can exploit compromised email accounts to send malicious attachments to unsuspecting recipients.
4. Message
Carefully read the email message for any signs of phishing. Look for grammatical errors, unusual requests, or anything that seems out of the ordinary.
Stay Vigilant and Safe
In the face of increasing email-based threats, staying informed and cautious is your best defense. Use the SLAM Method to evaluate emails, and take extra steps to verify links until Microsoft resolves the current Outlook issue.
Stay diligent, and protect your digital security!
